Latest stories — Page 26

Security Executives Push Back on Anthropic Export Restrictions
A coalition of cybersecurity leaders argues that blocking foreign nationals from accessing Anthropic's latest models hands adversaries a strategic gift.

Twenty-Five Orgs Are Quietly Triaging Open-Source Vulns Before You Hear About Them
A coalition called Athena is building shared infrastructure to find, fix, and harden OSS projects in the window between discovery and public disclosure.

Zero Trust Turns 15 and Still Can't Get Out of Its Own Way
The 'never trust, always verify' model isn't failing because the idea is wrong. It's failing because organizations keep treating a security philosophy like a SKU.

ScarCruft Dresses Up NarwhalRAT in a Microsoft Account Security Alert
APT37's spear-phish leans on the oldest trick in the identity playbook: tell the user their account is at risk, then hand them the payload.

CISA Adds LiteSpeed cPanel Plugin Bug to KEV After In-the-Wild Exploitation
CVE-2026-54420 (CVSS 8.5) lets attackers escalate to root on hosts running the LiteSpeed cPanel plugin. Federal agencies have until June 18, 2026 to patch.

Cisco Patches Catalyst SD-WAN Manager Bug Already Seeing In-the-Wild Abuse
CVE-2026-20262 lets an authenticated remote user write files on the appliance. Cisco confirms exploitation. Severity is rated medium, but the access it enables is not.

Feds Pull the Plug on CFAKE and SOCFAKE in First TAKE IT DOWN Act Domain Grab
DOJ seizes two deepfake nude sites that pulled tens of millions of visits a month, marking the first public test of the new federal statute.

China-Nexus Crew Burrowed Into REDCap, Turned Google Workspace Rules Into an Exfil Pipe
A 13-plus-month intrusion across medical, academic, and defense research networks abused victim-side mail forwarding instead of dropping noisy C2.

Contagious Interview Pivots to Dev-Review Lures in Two Fresh Campaigns
The North Korea-linked cluster is back with phishing pretexts aimed at developers — recruiter pitches and code-review requests that drop malware on engineers' workstations.

Three-Bug Chain Turns Any LiteLLM User Into Root on the AI Gateway
A default low-privilege account on the popular open-source LLM proxy can escalate to admin and execute code, exposing every provider key the gateway holds.

SearchLeak: How a microsoft.com Link Could Have Drained a Copilot Tenant
Varonis Threat Labs chained three bugs in Microsoft 365 Copilot Enterprise Search into a one-click exfil path that lived behind a trusted Microsoft URL.

Weekly Recap: Chrome Zero-Day, UniFi RCE, macOS Stealers, and a VPN Auth Bypass
Another seven days of rented phishing kits, AI-themed lures, and forgotten software paying out as initial access.

Langflow's Unauthenticated File-Write Flaw Is Being Exploited — Patch Dropped 73 Days Ago
CVE-2026-5027 lets attackers write files to arbitrary paths on exposed servers, and because Langflow ships with login disabled by default, exploitation requires exactly zero credentials.

Poisoned Documents Can Freeze AI Agent Guardrails Dead in Their Tracks
Researchers found that a single malicious input can trap reasoning-based safety systems in extended thinking loops, slowing LangGraph deployments by 148x and starving co-located agents of resources.

Behavioral AI Pitched as Triage Layer for Phishing and ATO Floods
A vendor webinar argues that pattern-learning models can cut investigation time on BEC and account takeover incidents. The harder question: what does that mean for breach-notification timelines?

First-Day Passwords Are Still IAM's Soft Underbelly
Temporary onboarding credentials keep showing up in breach forensics. The problem isn't laziness — it's that most IT teams never actually defined what 'temporary' means.

Trusted Plugin Scripts Weaponized in Admin-Aware WordPress Supply-Chain Hit
Tampered JavaScript served from PushEngage, OptinMonster and TrustPulse fingerprinted logged-in admins before silently provisioning rogue accounts and a stealth plugin.

152 Chrome 'Wallpaper' Extensions Quietly Push Adware to 105K Browsers
A 38-account publisher cluster on the Chrome Web Store funnels new-tab traffic through three backends — and it looks a lot less like art and a lot more like an ad-fraud pipeline.

Threat Actor 'Misere' Claims Breach of French Government Messaging Platform Tchap
Around 73,000 sovereign-platform accounts may be compromised. Attribution remains unclear, and the actor is not yet tied to a known cluster.

FBI and Google Tear Down 'Outsider Enterprise' Phishing Platform Behind $1.9 Billion in Losses
Nine thousand phishing sites. Nearly four million stolen credit cards. One takedown.

Sovereign Cloud Gives You a Data Center. Identity Governance Gives You Control.
European enterprises spent two years and real money on sovereign cloud deployments. What they found is that data residency is the easy part — and that AI agent identities are the part nobody governed.